
1975 matches found

CVE
added 2026/06/09 4:48 p.m., 11 views

CVE-2026-48265

This CVE affects Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier. It is a DOM-based Cross-Site Scripting (XSS) vulnerability where an attacker can cause malicious JavaScript to run in a victim’s browser by manipulating the DOM. Exploitation requires user interaction (the vi...

CVSS 5.4, AI score 5.5, EPSS 0.00283
Exploits: 0, References: 1, Affected Software: 1

ATTACKERKB
added 2026/05/26 7:30 p.m., 8 views

CVE-2026-44833

Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via unvalidated HTTP Referer header stored in session variable. This vulnerability is fixed in 8.4.1...

CVSS 7.1, AI score 5.8, EPSS 0.00163
Exploits: 0, References: 3, Affected Software: 1

CNNVD
added 2026/05/12 12:00 a.m., 3 views

Akıllı E-Commerce Website SQL Injection Vulnerability

Akıllı E-Commerce Website is an e-commerce website system developed by the Turkish company Akıllı, aimed at online retail and digital sales scenarios. Versions of Akıllı E-Commerce Website prior to 4.5.001 contained a SQL injection vulnerability. This vulnerability stemmed from improper...

CVSS 9.8, AI score 5.9, EPSS 0.0026
Exploits: 0, References: 1

RedhatCVE
added 2026/05/06 8:21 p.m., 5 views

CVE-2026-26015

DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the "MCP test" behavior to achieve arbitrary remote code execution RCE...

CVSS 10, AI score 6.7, EPSS 0.01168
Exploits: 1, References: 1

GithubExploit
added 2026/04/23 9:08 a.m., 74 views

web-vulnerability-scanner

web-vulnerability-scanner This Reposito...

AI score 5.8
Exploits: 0

NVD
added 2026/03/05 6:16 a.m., 4 views

CVE-2026-22414

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Marra marra allows PHP Local File Inclusion. This issue affects Marra: from n/a through = 1.2...

CVSS 8.1, EPSS 0.00504
Exploits: 0, References: 1

Cvelist
added 2026/03/05 5:54 a.m., 25 views

CVE-2026-28130 WordPress UDesign theme <= 4.14.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AndonDesign UDesign u-design allows Reflected XSS. This issue affects UDesign: from n/a through <= 4.14.0...

CVSS 7.1, EPSS 0.00146
Exploits: 0, References: 1

ATTACKERKB
added 2026/03/05 5:54 a.m., 5 views

CVE-2026-28128

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Verse verse allows PHP Local File Inclusion. This issue affects Verse: from n/a through = 1.7.0...

CVSS 8.1, AI score 5.9, EPSS 0.00337
Exploits: 0, References: 2

Cvelist
added 2026/03/05 5:53 a.m., 28 views

CVE-2026-27335 WordPress Ekoterra - NonProfit, Green Energy & Ecology Theme theme <= 1.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows PHP Local File Inclusion. This issue affects Ekoterra - NonProfit, Green Energy & Ecology Theme: fr...

CVSS 8.1, EPSS 0.00403
Exploits: 0, References: 1

OSV
added 2026/02/17 6:09 p.m., 4 views

GO-2026-4445 Sliver Vulnerable to Website Path Traversal / Arbitrary File Read (Authenticated) in github.com/bishopfox/sliver

Sliver Vulnerable to Website Path Traversal / Arbitrary File Read Authenticated in github.com/bishopfox/sliver...

CVSS 6.5, AI score 5.5, EPSS 0.00485
Exploits: 1, References: 3

Cvelist
added 2026/02/08 3:32 p.m., 33 views

CVE-2026-2160 SourceCodester Simple Responsive Tourism Website Master.php cross site scripting

A vulnerability has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Master.php?f=savepackage. The manipulation of the argument Title leads to cross site scripting. The attack can be initiat...

CVSS 5.3, EPSS 0.00262
Exploits: 1, References: 5

Packet Storm
added 2026/02/05 12:00 a.m., 109 views

Online Vehicle Service Management System 1.0 Add Administrator

Proof of concept add administrator exploit for Online Vehicle Service Management System version 1.0 that leverages a missing authentication vulnerability...

AI score 5.3
Exploits: 0

RedhatCVE
added 2026/01/07 9:39 a.m., 4 views

CVE-1999-0509

Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands...

CVSS 10, AI score 7.8, EPSS 0.33392
Exploits: 0, References: 1

RedhatCVE
added 2025/12/18 11:36 p.m., 2 views

CVE-2023-53925

UliCMS 2023.1 contains a stored cross-site scripting vulnerability that allows attackers to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files through the file management interface that execute arbitrary scripts when viewed by other users...

CVSS 6.1, AI score 6.5, EPSS 0.00304
Exploits: 1, References: 1

CNNVD
added 2025/12/05 12:00 a.m., 2 views

WordPress plugin Feedback Modal for Website Security Vulnerability

...

CVSS 5.3, AI score 5.8, EPSS 0.00257
Exploits: 0, References: 3

CNVD
added 2025/11/12 12:00 a.m., 6 views

Responsive Hotel Site reservation.php File SQL Injection Vulnerability

Responsive Hotel Site is a responsive hotel website. Responsive Hotel Site suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter email in the file /admin/reservation.php. An attacker can exploit this vulnerabilit...

CVSS 9.8, AI score 8.2, EPSS 0.00333
Exploits: 1, References: 1

CVE
added 2025/10/07 9:32 p.m., 10 views

CVE-2025-11410

Affects Campcodes Advanced Online Voting Management System 1.0. The vulnerability lies in the /admin/voters_add.php endpoint where manipulating the firstname argument can cause a SQL injection. It is remotely exploitable and an exploit has been published; other parameters may be affected. Remedia...

CVSS 8.8, AI score 6.3, EPSS 0.00299
Exploits: 1, References: 5, Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-10896

Malware in sbrugna...

CVSS 6.1, AI score 6.3, EPSS 0.00655
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-1999-0360

Malware in sbrugna...

CVSS 7.2, AI score 6.4, EPSS 0.05576
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2004-1714

Malware in sbrugna...

CVSS 5, AI score 6.2, EPSS 0.07888
Exploits: 1, References: 8